#!/usr/bin/env bash

_VPN=""
_USER="--user"
_PASSWORD="--password"
_SECRET="--secret"

help(){
    cat<<__EOF__
Usage: m vpn [OPTIONS] [ARGUMENTS]

Description: Manage VPN connections on macOS from the command line

Options:
  --help                       Show this help message and exit
  --list                       List available VPN connections
  --start [VPN] [USER] [PASS]  Start a VPN connection
  --stop VPN                   Stop a VPN connection
  --status VPN                 Show the status of a VPN connection


Examples:
  m vpn --list                         # list VPN connections
  m vpn --start                        # interactive mode if no arguments are provided
  m vpn --start VPN                    # start vpn connection named VPN
  m vpn --start VPN USER               # start a vpn connection with a given user
  m vpn --start VPN USER PASS          # start a vpn connection with a given user and password
  m vpn --start VPN USER PASS SECRET   # start a vpn connection with a given user,password, and secret
  m vpn --stop VPN                     # stop a vpn connection named VPN
  m vpn --status VPN                   # show the status of a vpn connection named VPN
__EOF__

}

list_vpns(){
    scutil --nc list
}

ask_parameters(){
    printf "\n"
    read -r -p "Vpn: " __VPN
    printf "\n"
    read -r -p "Username [press <enter> to skip]: " __USER
    printf "\n"
    read -s -r -p "Password [press <enter> to skip]: " __PASSWORD
    printf "\n\n"
    read -s -r -p "Secret [press <enter> to skip]: " __SECRET
    printf "\n"

    [ -z "${__SECRET}" ] && {
        _SECRET=""
    } || {
        _SECRET="${_SECRET} ${__SECRET}"
    }

    [ -z "${__PASSWORD}" ] && {
        _PASSWORD=""
    } || {
        _PASSWORD="${_PASSWORD} ${__PASSWORD}"
    }

    [ -z "${__USER}" ] && {
        _USER=""
    } || {
        _USER="${_USER} ${__USER}"
    }

    [ -z "${__VPN}" ] && {
        _VPN=""
    } || {
        _VPN="${__VPN}"
    }
}

start_vpn(){

    if [ "$#" -eq 4 ]; then
        # vpn user pass secret
        _SECRET="${_SECRET} ${4}"
        _PASSWORD="${_PASSWORD} ${3}"
        _USER="${_USER} ${2}"
        _VPN="${1}"
    elif [ "$#" -eq 3 ]; then
        # vpn user password
        _SECRET=""
        _PASSWORD="${_PASSWORD} ${3}"
        _USER="${_USER} ${2}"
        _VPN="${1}"
    elif [ "$#" -eq 2 ]; then
        # vpn user
        _SECRET=""
        _PASSWORD=""
        _USER="${_USER} ${2}"
        _VPN="${1}"
    elif [ "$#" -eq 1 ]; then
        # vpn
        _SECRET=""
        _PASSWORD=""
        _USER=""
        _VPN="${1}"
    else
        ask_parameters
    fi

    scutil --nc start "${_VPN}" ${_USER} ${_PASSWORD} ${_SECRET}

}

stop_vpn(){
    scutil --nc stop "$1"
}

vpn_status(){
    scutil --nc status "$1"
}


case $1 in
    --help)
        help
        ;;
    --list)
        list_vpns
        ;;
    --start)
        shift
        start_vpn "$@"
        ;;
    --stop)
        [ -z "$2" ] && help && exit 1;
        stop_vpn "$2"
        ;;
    --status)
        [ -z "$2" ] && help && exit 1;
        vpn_status "$2"
        ;;
    *)
        help && exit 1
        ;;
esac
